350 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-49799
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if setsyntheventprintfmt failed, then both traceremoveeventcall and...
Linux Distros Unpatched Vulnerability : CVE-2025-38233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix clobbered r15 during livepatching While r15 is clobbered always with...
Linux Distros Unpatched Vulnerability : CVE-2025-38269
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: exit after state insertion failure at btrfsconvertextentbit If insertstate state failed it returns an error pointer and we call extentiotreepanic which...
CVE-2025-38424 perf: Fix sample vs do_exit()
In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs doexit Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access MMIO in bad ways. The crash further shows perf trying to do a user...
CVE-2025-38371
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which can lead to GPU hangs and NULL pointer dereference in an interrupt context as shown in the following trace:...
CVE-2025-38391 usb: typec: altmodes/displayport: do not index invalid pin_assignments
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...
CVE-2025-53014 ImageMagick has Heap Buffer Overflow in InterpretImageFilename
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processi...
CVE-2025-53014
Observed affected software/versions : ImageMagick prior to 7.1.2-0 and 6.9.13-26. heap buffer overflow in the InterpretImageFilename function due to an off-by-one error, causing out-of-bounds reads when processing format strings containing consecutive percent signs (%%). The issue is confirmed to...
PT-2025-31072
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a type confusion issue within the smc module related to the handling of inet sock structures. Specifically, the issue stemmed from allowing non-INET sockets to...
CVE-2025-38330
CVE-2025-38330 affects the Linux kernel, specifically a KUnit test path in firmware: cs_dsp_ctl_cache_init_multiple_offsets that could trigger an out-of-bounds read. root cause: mock_coeff_template.length_bytes used for register value allocations, later overridden to 8 bytes, causing incorrect te...
UBUNTU-CVE-2025-38292
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12kdprxmsducoalesce, rxcb is fetched from skb and boolean iscontinuation is part of rxcb. Currently, after freeing the skb, the rxcb-iscontinuation accessed again which is wrong...
CVE-2025-38233 powerpc64/ftrace: fix clobbered r15 during livepatching
In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix clobbered r15 during livepatching While r15 is clobbered always with PPCFTRACEOUTOFLINE, it is not restored in livepatch sequence leading to not so obvious fails like below: BUG: Unable to handle kernel data...
CVE-2022-50101
CVE-2022-50101 affects the Linux kernel’s fbdev vt8623fb code. The flaw arises in vt8623fb_set_par(), where a user-supplied value is used to compute screen_size. If screen_size exceeds info->screen_size, a memory write via memset_io() can trigger a supervisor-page fault (kernel crash). The rep...
CVE-2022-50099 video: fbdev: arkfb: Check the size of screen before memset_io()
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memsetio In the function arkfbsetpar, the value of 'screensize' is calculated by the user input. If the user provides the improper value, the value of 'screensize' may larger...
CVE-2025-38016
CVE-2025-38016 (Linux kernel, HID: bpf: abort dispatch if device destroyed) is confirmed in connected sources as a HID subsystem issue in the Linux kernel. The vulnerability stems from HID-BPF dispatch when a HID device is destroyed: after hid_bpf_destroy_device(), a cleaned-up SRCU can be access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from post-release reuse in usbudcuevent, which could lead to memory access errors...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Type confusion was fixed due to a race condition when using ipcmsgsendrequest. req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can ...
CVE-2022-28946
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service DoS via triggering out-of-range memory access...
CVE-2025-37976
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-37944
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12kdpmonsrngprocess Currently, ath12kdpmonsrngprocess uses ath12khalsrngsrcgetnextentry to fetch the next entry from the destination ring. This is incorrect because...